Vincent Weafer

Vincent Weafer oversees a team of hundreds of researchers in dozens of countries, as well as millions of sensors around the globe, all dedicated to helping protect McAfee customers from the latest cyber threats. He has presented at numerous international security conferences, is the coauthor of a book on Internet security has also been invited to testify on multiple government committees, including the United States Senate Committee on the Judiciary hearing on Combating Cyber Crime and Identify Theft in the Digital Age; the United States Sentencing Commission’s public hearing on Identity Theft and the Restitution Act of 2008; and the United States Senate Committee on Commerce, Science, and Transportation on Impact and Policy Implications of Spyware on Consumers and Businesses.

We got a little carried away in the McAfee Labs Threats Report: June 2017, published today. This quarter’s report has expanded to a rather hefty 83 pages! It contains three highly educational topics, in addition to the usual set of threats statistics: We broadly examine evasion techniques and how malware authors use them to accomplish …

It is no secret that the end goal for cybersecurity companies is to battle cyber-threats & cyber-attackers in order keep their customers assets and data safe. Easy, right? Well, the problem is that defenders must move faster than the attackers, than the changes in the underlying technologies evolve, and faster than the power of tools …

In the McAfee Labs Threats Report: April 2017, published today, we explore two key topics. Following an announcement by the Cyber Threat Alliance of its formal incorporation and the release of a threat intelligence sharing platform, we provide some perspective about threat intelligence sharing. The story provides a detailed analysis of the background and drivers of …

With each new cyber threat report, we learn about the increasing volume of new, complex threats appearing across a myriad of server systems, networking equipment, personal computing platforms, and IoT devices. We also read about the real-world challenges that information security professionals face when attempting to identify, scope, and prioritize security events generated by their …

In the McAfee Labs Threats Report: December 2016 published today, we write about three seemingly disparate topics. However, on closer inspection, they have a common thread. All discuss deception in one way or another, whether ways in which ransomware authors have enhanced their code to sidestep sandboxes, how Trojans infect legitimate code to appear benign, …

In the McAfee Labs 2017 Threats Predictions report, published today, we cover a lot of ground but focus particularly on two areas that will impact IT security for years to come: threats to the cloud and the Internet of Things. The report kicks off with a big-picture examination of difficult-to-solve problems in cyber security and …

The story about ransomware in hospitals in our newly published McAfee Labs Threats Report: September 2016 will probably garner most of the media’s attention, but I think the most interesting story in the report is about machine learning. Here’s why. McAfee has used machine learning in our classification models since the mid-2000s. Initially, we employed …

I would be lost without my smartphone and its many convenient features. I look at my calendar and click to schedule an online meeting, inviting attendees from my contact list. I use my airline app to make sure my flight is on time and click to check the weather at my destination. I pick a …

Big data introduces new wrinkles for managing data volume, workloads, and tools. Securing increasingly large amounts of data begins with a good governance model across the information life cycle. From there, you may need specific controls to address various vulnerabilities. Here are a set of questions to help ensure that you have everything covered. 1. …

During keynote presentations at the RSA Conference 2016 in early March, Chris Young from McAfee, Mark McLaughlin from Palo Alto Networks, and Michael Brown from Symantec discussed the need to share cyber threat intelligence (CTI). There were also a half-dozen conference sessions that examined this important topic. Young made the point that sharing CTI is …

On February 17, AV-TEST CEO Guido Habicht announced that Intel Security was awarded the AV-TEST BEST USABILITY 2015 AWARD for McAfee Endpoint Security (Versions 8.8 and 10.0). This award is given annually to the most user-friendly enterprise-class product for the year. On behalf of Intel Security, Jon Carpenter (right) accepts the AV-TEST BEST USABILITY 2015 …

Attackers are constantly looking for new ways to evade detection. New malware techniques take advantage of operating system features to inject malicious code into memory or the operating system registry without leaving a file on the disk. Traditional detection tools that rely on analyzing disk files need to be augmented with memory analysis and memory …

“Warning: This document contains macros.” A familiar message from the 1990s is back, as attackers find new ways to get people to open documents containing macro malware. This updated threat is targeted at users in large organizations that frequently use macros. Carefully crafted and socially engineered emails entice users to open seemingly legitimate documents and …

In the McAfee Labs 2016 Threats Predictions report, published today, we developed two distinct views of the future. For the first section of the report, we interviewed 21 key people within McAfee Labs, Foundstone Professional Services, and the Office of the CTO’s Advanced Threat Research teams. They were asked to look over the horizon and predict how the …

On October 2 at Virus Bulletin’s VB2015 conference in Prague, Virus Bulletin Editor Martijn Grooten announced that Anand Bodke, Abhishek Karnik, Sanchit Karve, and Raj Samani from McAfee Labs have won the Péter Ször Award. The award is given annually for the best piece of technical security research published during the year. Sanchit Karve accepts …

Several global law enforcement agencies—with assistance from McAfee —this week successfully dismantled the “Beebone” botnet behind a polymorphic worm known by McAfee as W32/Worm-AAEH. The purpose of this worm is to facilitate downloading other malware, including ZBot banking password stealers, Necurs and ZeroAccess rootkits, Cutwail spambots, fake antivirus, and ransomware. The worm spreads quickly to …